Plaintext Transmission of Admin and Setup Passwords in phpGroupWare
CVE-2004-2578 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords.
Learn more about our Web Application Penetration Testing UK.